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I claim: 

1 . A security system comprising a network, 

said network comprising one or more networked systems of one or more types, 

a plurality of said one or more networked systems comprising a hardware 
processor providing transport layer protocol processing, 

said hardware processor comprising 

a protocol processing engine to do transport layer protocol processing; or 

a programmable rule processing engine to analyze network traffic for rule 
matching or taking actions on matched rules or a combination thereof; or 

a security processing engine to do encryption, decryption, authorization or 
authentication or a combination thereof using standard or proprietary security 
protocols; or 

a packet classification engine to classify the network traffic; or 
a packet processing engine to perform packet processing tasks; or 
a combination of any of the foregoing, 

said security system providing multiple protocol layer security in said network. 

2. A security system for a storage area network, 

said storage area network comprising one or more networked systems of one or 
more types, 

said security system comprising a set of systems from said one or more 
networked systems, 

a plurality of said set of systems comprising a hardware processor providing 
transport layer protocol processing, 

said hardware processor comprising 
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a storage protocol processing engine to do protocol processing; or 

a protocol processing engine to do transport layer protocol processing; or 

a programmable rule processing engine to analyze storage area network traffic 
for rule matching or taking actions on matched rules or a combination thereof; or 

a security processing engine to do encryption, decryption, authorization or 
authentication or a combination thereof using standard or proprietary security 
protocols; or 

a packet classification engine to classify the storage area network traffic; or 

a packet processing engine to perform packet processing tasks like header 
processing or deep packet processing or a combination thereof; or 

a combination of any or the foregoing, 

said security system providing multiple protocol layer security in said storage 
area network. 

3. The security system of claim 1 further comprising: 

a. at least one central manager for compiling and distributing security rules; and 

b. at least one security policy driver to communicate with the central manager 
and to set up rules in said hardware processor on at least one of said plurality of said one or 
more networked systems to analyze and enforce security based on said rules. 

4. The security system of claim 3 wherein the central manager comprises at least 

one of: 

a. A Security Policy Developer Interface for entering security policy; 

b. A Security Rules Compiler for compiling security policies into rules; 

c. A Rules Distribution Engine to distributed rules to said plurality of said one or 
more networked systems; 
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d. A Security Policy Manager Interface to manage said plurality of said one or 
more networked systems; 

e. A Security Monitoring Engine to monitor said network; 

f. An event collection/management engine to manage said network and collect 
5 events or reports from at least one of said plurality of said one or more networked systems; or 

g. a combination of any of the foregoing. 

5. The security system of claim 3 wherein at least one of said networked systems 
provides security based on rules for 

a. OSI protocol layer two to provide layer two or MAC layer filtering; or 

10 b. OSI protocol layer three to provide layer three or network layer filtering; or 

c. OSI protocol layer four to provide layer four or transport layer filtering; or 

d. OSI protocol layers five through seven to provide upper layer or application 
layer filtering; or 

e. a combination of any of the foregoing. 

15 6. The security system of claim 1 including security protocols comprising at least 

one of IPSEC, OPSEC, SSL, TLS, AES, DES, 3DES, SHA1, MD4, MD5, RSA, CHAP, 
Kerberos, a proprietary protocol, or a combination of any of the foregoing. 

7. The security system of claim 3 wherein at least one of the at least one policy 
drivers executes on a processor of said hardware processor or on a host processor of at least 

20 one of said networked systems. 

8. The security system of claim 1 including multiple protocol layer security that 
includes security functions performed at one or more protocol layers of the OSI stack to provide 
packet filtering, intrusion detection, denial of service attack detection, port scanning detection, 
virus scan, spam filtering, unauthorized access, or a combination of any of the foregoing. 

25 9. A security system comprising a network, 
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said network comprising one or more networked systems of one or more types, 

a plurality of said one or more networked systems comprising a hardware 
processor providing remote direct memory access capability, 

said hardware processor comprising 

5 an RDMA mechanism for performing RDMA data transfer or 

a protocol processing engine to do transport layer protocol processing; or 

a programmable rule processing engine to analyze network traffic for rule 
matching or taking actions on matched rules or a combination thereof; or 

a security processing engine to do encryption, decryption, authorization or 
10 authentication or a combination thereof using standard or proprietary security 

protocols; or 

a packet classification engine to classify the network traffic; or 

a packet processing engine to perform packet processing tasks like header 
processing or deep packet processing or a combination thereof; or 

1 5 a combination of any of the foregoing, 

said security system providing multiple protocol layer security in said network. 

1 0. The security system of claim 9 where said hardware processor provides a 
transport layer remote direct memory access capability. 

1 1 . The security system of claim 9 further comprising: 

20 a. at least one central manager for compiling and distributing security rules; and 

b. at least one security policy driver to communicate with the central manager to 
set up rules in said hardware processor on at least one of said plurality of said one or more 
networked systems to analyze and enforce security based on said rules. 
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12. The security system of claim 1 1 wherein the central manager comprises at least 

one of: 

a. A Security Policy Developer Interface for entering security policy; 

b. A Security Rules Compiler for compiling security policies into rules; 

5 c. A Rules Distribution Engine to distribute rules to said plurality of said one or 

more networked systems 

d. A Security Policy Manager Interface to manage said plurality of said one or 
more networked systems; 

e. A Security Monitoring Engine to monitor said network; 

10 f. An event collection/management engine to manage said network and collect 

events or reports from said plurality of said one or more networked systems; or 

g. a combination of any of the foregoing. 

13. The security system of claim 1 1 wherein at least one of said networked systems 
provides security based on rules for 

15 a. OSI protocol layer two to provide layer two or MAC layer filtering; or 

b. OSI protocol layer three to provide layer three or network layer filtering; or 

c. OSI protocol layer four to provide layer four or transport layer filtering; or 

d. OSI protocol layers five through seven to provide upper layer or application 
layer filtering; or 

20 e. a combination of any of the foregoing. 

14. The security system of claim 9 including security protocols comprising at least 
one of IPSEC, OPSEC, SSL, TLS, AES, DES, 3DES, SHA1, MD4, MD5, RSA, CHAP, 
Kerberos, a proprietary protocol or a combination of any of the foregoing. 
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1 5. The security system of claim 1 1 wherein at least one of the at least one policy 
driver that executes on a processor of said hardware processor or on a host processor of at 
least one of said networked systems. 

1 6. The security system of claim 9 including multiple protocol layer security that 

5 includes security functions performed at one or more protocol layers of the OSI stack to provide 
packet filtering, intrusion detection, denial of service attack detection, port scanning detection, 
virus scan, spam filtering, unauthorized access, or a combination of any of the foregoing. 

17. The combination of claim 1 wherein said one or more networked systems 
comprises a blade server, thin server, media server, streaming media server, appliance server, 

10 Unix server, Linux server, Windows or Windows derivative server, AIX server, clustered server, 
database server, grid computing server, VOIP server, wireless gateway server, security server, 
file server, network attached storage server, game server, router, switch, wireless access point, 
workstation, desktop computer, notebook computer, laptop computer, utility computing system 
or gateway device or a combination of any of the foregoing. 

15 18. The combination of claim 9 wherein said one or more networked systems 

comprises a blade server, thin server, media server, streaming media server, appliance server, 
Unix server, Linux server, Windows or Windows derivative server, AIX server, clustered server, 
database server, grid computing server, VOIP server, wireless gateway server, security server, 
file server, network attached storage server, game server, router, switch, wireless access point, 

20 workstation, desktop computer, notebook computer, laptop computer, utility computing system 
or gateway device or a combination of any of the foregoing. 

19. The security system of claim 1 wherein said packet processing steps include 
header processing or deep packet processing or a combination thereof. 

20. The security system of claim 2 further comprising: 

25 a. at least one central manager for compiling and distributing storage area 

network security rules; and 

b. at least one security policy driver to communicate with the central manager to 
set up rules in said hardware processor on at least one of said plurality of said one or more 
networked systems to analyze and enforce storage area network security based on said rules. 
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21 . The security system of claim 20 wherein the central manager comprises at least 

one of: 

a. A Security Policy Developer Interface for entering security policy; 

b. A Security Rules Compiler for compiling security policies into rules; 

5 c. A Rules Distribution Engine to distribute rules to the said plurality of said one 

or more networked systems 

d. A Security Policy Manager Interface to manage said plurality of said one or 
more networked systems; 

e. A Security Monitoring Engine to monitor said network; 

10 f. An event collection/management engine to manage said network and collect 

events or reports from said plurality of said one or more networked systems; or 

g. a combination of any of the foregoing. 

22. The security system of claim 20 wherein at least one of said networked systems 
provides security based on rules for 

15 a. OSI protocol layer two to provide layer two or MAC layer filtering; or 

b. OSI protocol layer three to provide layer three or network layer filtering; or 

c. OSI protocol layer four to provide layer four or transport layer filtering; or 

d. OSI protocol layers five through seven to provide upper layer or application 
layer filtering; or 

20 e. Storage protocol layer to provide storage protocol layer filtering; or 

f. a combination of any of the foregoing. 

23. The security system of claim 2 including security protocols comprising at least 
one of IPSEC, OPSEC, SSL, TLS, AES, DES, 3DES, SHA1, MD4, MD5, RSA, CHAP, 
Kerberos, a proprietary protocol or a combination of any of the foregoing. 
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24. The security system of claim 20 including a policy driver that executes on a 
processor of said hardware processor or on a host processor of at least one of said networked 
systems. 

25. The security system of claim 2 including multiple protocol layer security that 
includes security functions performed at one or more protocol layers of the OSI stack to provide 
packet filtering, intrusion detection, denial of service attack detection, port scanning detection, 
virus scan, spam filtering, unauthorized access, or a combination of any of the foregoing. 

26. A security system for a network, 

said network comprising one or more networked systems of one or more types, 

said security system comprising a set of systems from said one or more 
networked systems, 

a plurality of said set of systems comprising a hardware processor providing 
transport layer protocol processing, 

said hardware processor comprising 

a protocol processing engine to do transport layer protocol processing; or 

a programmable rule processing engine to analyze network traffic for rule 
matching or taking actions on matched rules or a combination thereof; or 

a security processing engine to do encryption, decryption, authorization or 
authentication or a combination thereof using standard or proprietary security 
protocols; or 

a packet classification engine to classify the network traffic; or 

a packet processing engine to perform packet processing tasks like header 
processing or deep packet processing or a combination thereof; or 

a combination of the foregoing, 

said security system providing multiple protocol layer security in said network. 
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27. A security system for a network comprising one or more networked systems, at 
least one of said networked systems having a hardware processor providing a protocol 
processing stack, said security system providing a secure operating environment for said 
protocol processing stack for trusted computing needs of one or more of said networked 
systems by providing a policy driver for setting up the hardware processor for security policy 
rules to be enforced by said hardware processor, and a central manager for compiling and 
distributing said rules and monitoring the enforcement of said rules by said hardware processor. 
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